New Reply-all Storm Protection Report, Settings UI, and Alert Policy
Published Apr 22 2022 09:49 AM 13.5K Views

The Reply-all Storm Protection feature in Exchange Online helps protect your organization from unwanted and disruptive reply-all storms. Last year we updated the feature to give admins the ability to customize key settings for reply-all storm detection and block duration, and in that announcement we noted that several additional updates were planned for a future date. We're pleased to announce that we're rolling out three updates:

  1. A Reply-all Storm Protection Report to track reply-all storms and the messages blocked by the feature.
  2. The ability to customize feature settings within the EAC (in addition to Remote PowerShell).
  3. A mail flow system alert policy to notify admins when a reply-all storm hits your organization.

The report includes charts for detected reply-all storms and associated blocked messages, and a pop-out storm details panel available when you click on a storm name at the bottom of each chart with additional details about each storm. It also includes a CSV-exportable table with key details of each storm such as subject, original message, total messages, and message ID. The report is available in the new EAC under the Reports > Mail flow section. Here's a sample report:

StormProtect01.png

Roll-out of the report starts this week and should finish by the end of May for the WW environments (including GCC), with availability in the GCC-High environment expected by the end of July. More information about the report can be found in Reply-all storm protection report in the new EAC in Exchange Online.

It's been possible to customize key settings for the Reply-all storm protection feature using Remote PowerShell for over a year. Today, we're happy to announce that you can now also customize these settings in the new EAC under the Settings > Mail flow panel, available now, as shown below:

StormProtect02.png

To change these settings, you must have permission to change Transport configuration information (e.g., Set-TransportConfig) as part of the Organization Transport Settings role group (and included as part of the Exchange Admin and Global Admin roles).

Lastly, we're currently working on a mail flow system alert policy that will notify admins when a reply-all storm has been detected and at least one reply-all has been blocked. Like all mail flow alerts it will be customizable so you can configure who gets notified and other common alert parameters. When the Reply-all Storm Protection alert policy is released (by the end of July) it will appear in the Mail flow > Alert policies section of the new EAC.

We hope you find these new updates for the Reply-all Storm Protection feature useful, and we look forward to any feedback or suggestions for future updates you might have.

Exchange Transport Team

9 Comments
Co-Authors
Version history
Last update:
‎Apr 22 2022 08:54 PM
Updated by: